Current-Users archive
Re: FYI: vm.swap_encrypt
Taylor R Campbell wrote:
> > Date: Mon, 11 May 2020 21:12:16 +0100
> > From: Alexander Nasonov <alnsn%yandex.ru@localhost>
> > 1) SWAP_STATS can be modified to return a status of encryption in
> > the se_flags member.
>
> What would the status be? That encryption was once enabled and at
> least one page was written out encrypted?
>
> At any given time, some pages may be encrypted while others are not.
> We don't keep track of how many pages are encrypted and how many pages
> are not, and it might be tricky to do so. All that is easy to do,
> without adding a lot more bookkeeping, is ascertain whether we have
> generated an encryption key at all, meaning that at least one page was
> swapped out while vm.swap_encrypt=1.
I didn't realise that it can be a mix.
> > 2) The encryption bit can be passed to SWAP_ON/SWAP_CTL but they
> > currently take an integer argument and it's reserved for a priority.
>
> I thought about that but a vm.swap_encrypt sysctl knob was quicker to
> implement without needing further thought or ABI compatibility work.
Yeah, compatibility can be a pain.
> If you find a compelling reason to make it per-swapdev and want to
> implement that, fine by me!
I have no strong preference but if it was per-swapdev I could
use existing KAUTH_SYSTEM_SWAPCTL instead of introducing a new
KAUTH_SYSTEM_SWAP_ENCRYPT.
--
Alex
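To make the point of the thread concrete, here is an added toy model of a swap pager with an on/off encryption knob. It is constructed for this page and is not NetBSD's uvm_swap.c; the struct, function names, the XOR "cipher" and the fixed key pattern are all assumptions of the model. It shows why a single status flag cannot say "swap is encrypted": pages written while the knob is off stay in the clear after it is turned on, pages written while it is on stay encrypted after it is turned off, and the only state that is cheap to report is whether a key has ever been generated.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NSLOTS 8        /* number of swap slots in the model */
#define PAGESZ 16       /* toy page size in bytes */

/*
 * Constructed model of a swap pager with an on/off encryption knob.
 * Names and fields are this example's own, not NetBSD's uvm_swap.c.
 */
struct swap_model {
    bool encrypt_knob;          /* stands in for vm.swap_encrypt */
    bool key_generated;         /* set lazily on the first encrypted swap-out */
    uint8_t key[PAGESZ];
    bool in_use[NSLOTS];
    bool encrypted[NSLOTS];     /* per-slot record of how the page was written */
    uint8_t store[NSLOTS][PAGESZ];
};

static void model_init(struct swap_model *m)
{
    memset(m, 0, sizeof *m);
}

/* Hypothetical key generation: a fixed pattern so the walk-through is reproducible. */
static void generate_key(struct swap_model *m)
{
    for (size_t i = 0; i < sizeof m->key; i++)
        m->key[i] = (uint8_t)(0xA5 ^ i);
    m->key_generated = true;
}

/* Swap a page out. Whether it is encrypted depends on the knob at write time. */
static int swap_out(struct swap_model *m, int slot, const uint8_t page[PAGESZ])
{
    if (slot < 0 || slot >= NSLOTS)
        return -1;
    if (m->encrypt_knob) {
        if (!m->key_generated)
            generate_key(m);
        /* XOR with the key stands in for a real cipher in this model. */
        for (size_t i = 0; i < PAGESZ; i++)
            m->store[slot][i] = page[i] ^ m->key[i];
        m->encrypted[slot] = true;
    } else {
        memcpy(m->store[slot], page, PAGESZ);
        m->encrypted[slot] = false;
    }
    m->in_use[slot] = true;
    return 0;
}

/* Swap a page in. The per-slot record, not the current knob, decides decryption. */
static int swap_in(struct swap_model *m, int slot, uint8_t page[PAGESZ])
{
    if (slot < 0 || slot >= NSLOTS || !m->in_use[slot])
        return -1;
    if (m->encrypted[slot]) {
        for (size_t i = 0; i < PAGESZ; i++)
            page[i] = m->store[slot][i] ^ m->key[i];
    } else {
        memcpy(page, m->store[slot], PAGESZ);
    }
    m->in_use[slot] = false;
    m->encrypted[slot] = false;
    return 0;
}

/* Count in-use slots by how they were written: the bookkeeping the thread says is not kept. */
static int count_slots(const struct swap_model *m, bool want_encrypted)
{
    int n = 0;
    for (int i = 0; i < NSLOTS; i++)
        if (m->in_use[i] && m->encrypted[i] == want_encrypted)
            n++;
    return n;
}

/* The cheap status from the thread: has a key ever been generated? */
static bool status_key_generated(const struct swap_model *m)
{
    return m->key_generated;
}

/*
 * Walk-through: toggle the knob between writes so swap ends up mixed.
 * Returns the number of encrypted slots still in use, or a negative
 * value if a page did not round-trip or the status flag is wrong.
 */
static int demo(void)
{
    struct swap_model m;
    uint8_t page[PAGESZ], back[PAGESZ];

    model_init(&m);
    for (size_t i = 0; i < PAGESZ; i++)
        page[i] = (uint8_t)i;

    swap_out(&m, 0, page);              /* knob off: slot 0 stored in the clear */
    m.encrypt_knob = true;
    swap_out(&m, 1, page);              /* knob on: key generated, slot 1 encrypted */
    swap_out(&m, 2, page);
    m.encrypt_knob = false;             /* turning the knob off does not rewrite slots 1 and 2 */

    if (!status_key_generated(&m))
        return -2;                      /* key exists even though the knob is now off */
    if (swap_in(&m, 2, back) != 0 || memcmp(page, back, PAGESZ) != 0)
        return -1;                      /* decryption must follow the slot record */
    return count_slots(&m, true);       /* slot 1 encrypted, slot 0 clear: a mix */
}

int main(void)
{
    return demo() == 1 ? 0 : 1;
}
```

The model keeps a per-slot encrypted flag so that swap-in can decrypt correctly regardless of the current knob value; reporting "encrypted" from SWAP_STATS would require summing those flags across every device, which is exactly the extra bookkeeping the reply above declines to add.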